How to apply Policing on Cisco ASAs with leased lines?
I'm trying to configure policing and/or shaping on a setup of 2 x ASA 5505 Sec Plus. The units are placed in office A and office B and each have a ISP connection to the internet and a leased line with a capacity of 4/4 Mbit/s for interoffice communication.
On each ASA there's four subnets. VLAN 200 is used to connect the offices through the leased line.
Outside = 2
Data = 10
Voice = 100
Linknet = 200
I've read a lot of articles and posts about shaping and policing on the ASA but still can't get it to work like I wan't to. I'm trying to limit all traffic besides IP-telephony traffic to 3 Mbit/s and thus reserving 900 Kbit/s for voice traffic. I tried setting a service-policy on the linknet interface on each ASA and set Traffic match to Any traffic and QoS settings for both input and output.
I can see traffic passing the policy when I run the "show service-policy police" command but it never seems to be high enough to be policed which is strange since the ASDM monitoring shows that I'm pushing 3900 kbit/s. I file transfers verifies that policing does'nt work.
I finally got shaping to work on the desired interface. I had the commands right the whole time but when I tried to configure a "class class-default" under a new "policy-map" I pressed TAB to call up the command instead of writing it. This actually sent me down a level and I got the "ERROR: % class-default is a well-known class and is not configurable under class-map" error.
A bit irritating error but I'm glad it worked out in the end.
ISE 3.0 with patch level 3, licenses are showing as "Released for Entitlement" for all term based licenses. This is because of a bug CSCvz33870.I have tried all possibilities, including renewing registration, de registering, resetting, and updating from I...
This month, we're excited to bring awareness to a newly formed partnership between Cisco Secure and IBM.
Securing today's dynamic enterprise applications is critical. With hybrid and multi-cloud adoption, traditional network-based security ran into limita...
Listen: https://smarturl.it/CCRS8E42Follow us: twitter.com/CiscoChampion
APIClarity is an open source, cloud-native visibility tool for APIs. It utilizes a Service Mesh framework to capture and analyze API traffic and identify potential risks.
Hello everyone, A new video in the Cisco Secure Terraform Series has just been published. If you are interested in Infrastructure as Code, and Terraform, you don't want to miss out on this amazing series with Jason "Canadian Bacon" Maynard! Newe...
Whitepaper - Configuring IPsec IKEv2 Remote Access VPN with Cisco Secure Firewall
Abstract / Introduction
There has been recent guidance from the United States National Security Agency (NSA...